OSX.Pirrit Overview

Amit conducts safety studies. He specializes in research at the low level, vulnerability and kernel level, malware analysis and reverse engineering in Windows, Linux and macOS.

Previously, a research report was published that analyzed very unpleasant adware aimed at Mac OS X. While the main task of OSX.Pirrit was to display ads. As a result, the code OSX.Pirrit had the potential to carry out much more malicious actions.

This article describes the third part of the study (download PDF of this report in this article).

Pirrit / BrowserEnhancer / DaVinci (or whatever you want to call it) is not a serious threat. Malware OSX.Pirrit runs under root privileges, creates autorun and generates random names for each installation. Unfortunately, there are no removal instructions, and some of its components mask themselves to look as if they are legitimate and from Apple.

More.

DISCLAIMER: THIS POST IS FOR INFORMATIONAL PURPOSES ONLY AND IS NOT TO BE CONSIDERED LEGAL ADVICE ON ANY SUBJECT MATTER. DIGITAL FORENSICS CORP. IS NOT A LAWFIRM AND DOES NOT PROVIDE LEGAL ADVICE OR SERVICES. By viewing posts, the reader understands there is no attorney-client relationship, the post should not be used as a substitute for legal advice from a licensed professional attorney, and readers are urged to consult their own legal counsel on any specific legal questions concerning a specific situation.